ID
VAR-201503-0195
CVE
CVE-2015-2107
TITLE
SAP for HP Operations Manager i In OS Command execution vulnerability
Trust: 0.8
sources:
JVNDB: JVNDB-2015-001823
DESCRIPTION
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. HP Operations is a decentralized client/service software product for managing distributed environments
Trust: 2.16
sources:
NVD: CVE-2015-2107 //
JVNDB: JVNDB-2015-001823 //
CNVD: CNVD-2015-01694
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2015-01694
AFFECTED PRODUCTS
| vendor: | hp | model: | operations manager i management pack | scope: | eq | version: | 1.0 | Trust: 1.6 |
| vendor: | hewlett packard | model: | hp operations manager i | scope: | eq | version: | 1.01 | Trust: 0.8 |
| vendor: | hewlett packard | model: | hp operations manager i | scope: | lt | version: | 1.x (management pack for sap) | Trust: 0.8 |
| vendor: | hp | model: | operations manager | scope: | - | version: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2015-01694 //
JVNDB: JVNDB-2015-001823 //
CNNVD: CNNVD-201503-333 //
NVD: CVE-2015-2107
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2015-01694 //
JVNDB: JVNDB-2015-001823 //
CNNVD: CNNVD-201503-333 //
NVD: CVE-2015-2107
PROBLEMTYPE DATA
| problemtype: | CWE-284 | Trust: 1.0 |
| problemtype: | CWE-Other | Trust: 0.8 |
sources:
JVNDB: JVNDB-2015-001823 //
NVD: CVE-2015-2107
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-201503-333
TYPE
access control error
Trust: 0.6
sources:
CNNVD: CNNVD-201503-333
CONFIGURATIONS
sources:
JVNDB: JVNDB-2015-001823
PATCH
| title: | HPSBGN03284 SSRT101971 | url: | http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04588084 | Trust: 0.8 |
| title: | Patch for HP Operations Manager i Management Pack for SAP Privilege Escalation Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/56313 | Trust: 0.6 |
sources:
CNVD: CNVD-2015-01694 //
JVNDB: JVNDB-2015-001823
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-2107 | Trust: 3.0 |
| db: | SECTRACK | id: | 1031870 | Trust: 1.6 |
| db: | JVNDB | id: | JVNDB-2015-001823 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2015-01694 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201503-333 | Trust: 0.6 |
sources:
CNVD: CNVD-2015-01694 //
JVNDB: JVNDB-2015-001823 //
CNNVD: CNNVD-201503-333 //
NVD: CVE-2015-2107
REFERENCES
| url: | http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04588084 | Trust: 2.2 |
| url: | http://www.securitytracker.com/id/1031870 | Trust: 1.6 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2107 | Trust: 1.4 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2107 | Trust: 0.8 |
sources:
CNVD: CNVD-2015-01694 //
JVNDB: JVNDB-2015-001823 //
CNNVD: CNNVD-201503-333 //
NVD: CVE-2015-2107
SOURCES
| db: | CNVD | id: | CNVD-2015-01694 |
| db: | JVNDB | id: | JVNDB-2015-001823 |
| db: | CNNVD | id: | CNNVD-201503-333 |
| db: | NVD | id: | CVE-2015-2107 |
LAST UPDATE DATE
2024-11-23T23:02:41.459000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-01694 | date: | 2015-03-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-001823 | date: | 2015-03-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201503-333 | date: | 2019-10-17T00:00:00 |
| db: | NVD | id: | CVE-2015-2107 | date: | 2024-11-21T02:26:48.587 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-01694 | date: | 2015-03-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-001823 | date: | 2015-03-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201503-333 | date: | 2015-03-16T00:00:00 |
| db: | NVD | id: | CVE-2015-2107 | date: | 2015-03-14T01:59:15.533 |